// ========================================================================
// Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
// You may elect to redistribute this code under either of these licenses.
// ========================================================================

package org.eclipse.jetty.server;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


/* ------------------------------------------------------------ */
/**
 * The authentication state of a request.
 * <p>
 * The state is expressed through one of several sub-types, each reflecting
 * where the request currently is in an authentication cycle: not yet
 * checked, checked and failed, checked and deferred, or succeeded.
 * <p>
 * Of the sub-types declared here, only {@link User} is documented as a
 * successful authentication. Code that makes an access decision should
 * therefore test for that sub-type rather than for the absence of a
 * failure state.
 */
public interface Authentication
{
    /* ------------------------------------------------------------ */
    /**
     * A successful authentication that carries user information.
     */
    interface User extends Authentication
    {
        /** @return the authentication method associated with this state. */
        String getAuthMethod();

        /** @return the identity of the authenticated user. */
        UserIdentity getUserIdentity();

        /**
         * Tests role membership for the authenticated user.
         *
         * @param scope the scope in which the role is evaluated
         * @param role the role name to test
         * @return whether the user is in the given role for the given scope
         */
        boolean isUserInRole(UserIdentity.Scope scope, String role);

        /** Logs the user out. */
        void logout();
    }

    /* ------------------------------------------------------------ */
    /**
     * A wrapped authentication, with methods that provide the wrapped
     * request and response for use by the application.
     */
    interface Wrapped extends Authentication
    {
        /** @return the wrapped request. */
        HttpServletRequest getHttpServletRequest();

        /** @return the wrapped response. */
        HttpServletResponse getHttpServletResponse();
    }

    /* ------------------------------------------------------------ */
    /**
     * A deferred authentication, with methods to progress the
     * authentication process.
     * <p>
     * Every method returns a new {@link Authentication} state; the declared
     * return type does not guarantee success, so callers need to inspect
     * the sub-type of the result.
     */
    interface Deferred extends Authentication
    {
        /* ------------------------------------------------------------ */
        /**
         * Authenticates, if possible, without sending a challenge.
         * This is used to check credentials that have been sent for
         * non-mandatory authentication.
         *
         * @param request the request to authenticate
         * @return the new authentication state
         */
        Authentication authenticate(ServletRequest request);

        /* ------------------------------------------------------------ */
        /**
         * Authenticates and possibly sends a challenge.
         * This is used to initiate authentication where it was previously
         * non-mandatory.
         *
         * @param request the request to authenticate
         * @param response the response on which a challenge may be sent
         * @return the new authentication state
         */
        Authentication authenticate(ServletRequest request, ServletResponse response);

        /* ------------------------------------------------------------ */
        /**
         * Logs in with the LOGIN authenticator.
         * <p>
         * NOTE(review): the password is supplied as a {@code String}; how an
         * implementation handles or retains it is not visible in this
         * interface and should be confirmed against the implementing class.
         *
         * @param username the user name to log in with
         * @param password the password to log in with
         * @return the new authentication state
         */
        Authentication login(String username, String password);
    }

    /* ------------------------------------------------------------ */
    /**
     * Authentication "response sent" state.
     * <p>
     * Responses are sent by authenticators either to issue an
     * authentication challenge, or on successful authentication in
     * order to redirect the user to the original URL.
     */
    interface ResponseSent extends Authentication
    {
    }

    /* ------------------------------------------------------------ */
    /**
     * An authentication challenge has been sent.
     */
    interface Challenge extends ResponseSent
    {
    }

    /* ------------------------------------------------------------ */
    /**
     * An authentication failure has been sent.
     */
    interface Failure extends ResponseSent
    {
    }

    /* ------------------------------------------------------------ */
    /**
     * A {@link ResponseSent} sub-type that adds no members of its own.
     * Presumably the response sent on successful authentication (for
     * example the redirect to the original URL described on
     * {@link ResponseSent}); confirm against the authenticators that use it.
     * It is not a {@link User}, so it carries no user information.
     */
    interface SendSuccess extends ResponseSent
    {
    }

    /* ------------------------------------------------------------ */
    /**
     * Unauthenticated state.
     * <p>
     * This convenience instance is for non-mandatory authentication where
     * credentials have been presented and checked, but failed
     * authentication. It is a plain {@link Authentication} that implements
     * none of the sub-types above.
     */
    Authentication UNAUTHENTICATED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "UNAUTHENTICATED";
        }
    };

    /* ------------------------------------------------------------ */
    /**
     * Authentication not checked.
     * <p>
     * This convenience instance is for non-mandatory authentication when no
     * credentials are present to be checked. It is a plain
     * {@link Authentication} that implements none of the sub-types above.
     */
    Authentication NOT_CHECKED = new Authentication()
    {
        @Override
        public String toString()
        {
            return "NOT CHECKED";
        }
    };

    /* ------------------------------------------------------------ */
    /**
     * Authentication challenge sent.
     * <p>
     * This convenience instance is for when an authentication challenge has
     * been sent. It is a {@link Challenge}; note that its string form is
     * {@code "CHALLENGE"}, not the constant's name.
     */
    Authentication SEND_CONTINUE = new Challenge()
    {
        @Override
        public String toString()
        {
            return "CHALLENGE";
        }
    };

    /* ------------------------------------------------------------ */
    /**
     * Authentication failure sent.
     * <p>
     * This convenience instance is for when an authentication failure has
     * been sent. It is a {@link Failure}; its string form is
     * {@code "FAILURE"}.
     */
    Authentication SEND_FAILURE = new Failure()
    {
        @Override
        public String toString()
        {
            return "FAILURE";
        }
    };

    /* ------------------------------------------------------------ */
    /**
     * Convenience instance of {@link SendSuccess}; its string form is
     * {@code "SEND_SUCCESS"}.
     */
    Authentication SEND_SUCCESS = new SendSuccess()
    {
        @Override
        public String toString()
        {
            return "SEND_SUCCESS";
        }
    };
}